Sending secure messages to Teams: Using Multi-Factor Authentication with Looply

Sometimes you might need to send sensitive information in your Teams notifications, which you don’t want to be accidentally seen by others.

With Looply, we can add an additional challenge to view such data, using (for example) a password challenge or a one-time passcode.

An example process involves:

1. Generation of a 1-time passcode
2. Send OTP by SMS
3. Show card with password challenge
4. Check the entered password
5. If successful, show the secure message

(1) and (2) can be achieved using Looply together with Renda.io.

The process in Looply looks like this:

1. The first step calls Renda.io to return a 1-time passcode token
2. The second step adds the token to the workflow payload
3. The third step is a JavaScript function to prepare the SMS text including the token.
4. The fourths step triggers the SMS send
5. The fifth step send the card with the password challenge, and the sixth step waits for a response.

Only one line of code is needed in the JavaScript function:

return { heading: params.heading, text: params.text1+params.token }

This kind of approach could be taken with any message being sent to Teams using Looply.